﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using TalentDesk.Contracts.Ef;

namespace TalentDesk.Mvc.HelperClasses
{
    public class TalentDeskAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
    {
        private bool bIsAuthorized = true;

        public void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);

            if (!(filterContext.ActionDescriptor.ControllerDescriptor.ControllerName == "Account" && filterContext.ActionDescriptor.ActionName == "Login"))
            {
                User oUser = (User)HttpContext.Current.Session["User"];
                if (oUser != null)
                {
                    if (filterContext.ActionDescriptor.GetCustomAttributes(typeof(TalentDeskAuthority), false).Count() > 0)
                    {



                        List<Role> tempRole = new List<Role>();
                        foreach (var item in oUser.UserGroups.ToList())
                        {

                            if (item.Group != null)
                                foreach (var itemRole in item.Group.Roles)
                                {
                                    if (!tempRole.Contains(itemRole))
                                        tempRole.Add(itemRole);
                                }
                        }

                        foreach (var item in oUser.UserRoles.ToList())
                        {
                            if (item.Role != null)
                                if (!tempRole.Contains(item.Role))
                                    tempRole.Add(item.Role);
                        }

                        List<TalentDesk.Contracts.Ef.Action> lAction = new List<TalentDesk.Contracts.Ef.Action>();
                        foreach (var item in tempRole)
                        {
                            foreach (var item1 in item.RolePermissions)
                            {
                                if (!lAction.Contains(item1.Action))
                                    lAction.Add(item1.Action);
                            }
                        }


                        bIsAuthorized = (from b in lAction
                                         where b.ActionName == filterContext.ActionDescriptor.ActionName && b.ControlName == filterContext.ActionDescriptor.ControllerDescriptor.ControllerName
                                         select b).ToList().Count() > 0;
                        if (!bIsAuthorized)
                        {
                            filterContext.Result = new HttpUnauthorizedResult();

                            //filterContext.Result = new RedirectResult("~/Account/Login" + "?returnUrl=~" +
                            //     filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.RawUrl));
                        }

                    }

                    return;

                }
                else
                {
                    filterContext.Result = new HttpUnauthorizedResult();
                    //filterContext.Result = new RedirectResult("~/Account/Login" + "?returnUrl=~" +
                    //          filterContext.HttpContext.Server.UrlEncode(filterContext.HttpContext.Request.RawUrl));
                }
            }

        }

    }
}